---------------------------------------------------------------------
Red Hat, Inc. Security Advisory
Synopsis: Another buffer overflow in wu-ftpd is fixed
Advisory ID: RHSA-1999:031-01
Issue date: 1999-08-25
Keywords: wu-ftpd buffer overflow
---------------------------------------------------------------------
1. Topic:
New packages of wu-ftpd are available for all Red Hat Linux platforms. This
version includes an important security fix as well as fixes for all known
problems in wu-ftpd at this time.
2. Bug IDs fixed:
1599 3482 3866
3. Relevant releases/architectures:
Red Hat Linux 6.0, all architectures
Red Hat Linux 5.x, all architectures
Red Hat Linux 4.x, all architectures
4. Obsoleted by:
5. Conflicts with:
6. RPMs required:
Red Hat Linux 6.0:
Intel: ftp://updates.redhat.com/6.0/i386/wu-ftpd-2.5.0-5.6.0.i386.rpm
Alpha: ftp://updates.redhat.com/6.0/alpha/wu-ftpd-2.5.0-5.6.0.alpha.rpm
Sparc: ftp://updates.redhat.com/6.0/sparc/wu-ftpd-2.5.0-5.6.0.sparc.rpm
Source: ftp://updates.redhat.com/6.0/SRPMS/wu-ftpd-2.5.0-5.6.0.src.rpm
Red Hat Linux 5.x:
Intel: ftp://updates.redhat.com/5.2/i386/wu-ftpd-2.5.0-5.5.x.i386.rpm
Alpha: ftp://updates.redhat.com/5.2/alpha/wu-ftpd-2.5.0-5.5.x.alpha.rpm
Sparc: ftp://updates.redhat.com/5.2/sparc/wu-ftpd-2.5.0-5.5.x.sparc.rpm
Source: ftp://updates.redhat.com/5.2/SRPMS/wu-ftpd-2.5.0-5.5.x.src.rpm
Red Hat Linux 4.x:
Intel: ftp://updates.redhat.com/4.2/i386/wu-ftpd-2.5.0-5.4.x.i386.rpm
Alpha: ftp://updates.redhat.com/4.2/alpha/wu-ftpd-2.5.0-5.4.x.alpha.rpm
Sparc: ftp://updates.redhat.com/4.2/sparc/wu-ftpd-2.5.0-5.4.x.sparc.rpm
Source: ftp://updates.redhat.com/4.2/SRPMS/wu-ftpd-2.5.0-5.4.x.src.rpm
7. Problem description:
An explotable buffer overflow security problem in the wu-ftpd daemon has
been fixed.
The previous errata for wu-ftpd did not update /var/run/utmp correctly
when a session was disconnected. This problem manifested itself as
last displaying connections that had terminated as still active.
A minor and obscure problem with members not in a configured class
being permitted to login on the second attempt has been fixed.
Thanks go to Gregory A. Lundberg of the WU-FTPD Development Group for
supplying the patches.
8. Solution:
For each RPM for your particular architecture, run:
rpm -Uvh
where filename is the name of the RPM.
9. Verification:
MD5 sum Package Name
--------------------------------------------------------------------------
ccfbc56597f38abd79688e8742b2005e 4.2/SRPMS/wu-ftpd-2.5.0-5.4.x.src.rpm
f1bfc82095f5fd5f834c709699e098d9 4.2/alpha/wu-ftpd-2.5.0-5.4.x.alpha.rpm
830e515d27b674cc6657a8287112c852 4.2/i386/wu-ftpd-2.5.0-5.4.x.i386.rpm
4c831a2c451eedc562f16448a964725d 4.2/sparc/wu-ftpd-2.5.0-5.4.x.sparc.rpm
5a9528d4cca6ceffddb8599af6537498 5.2/SRPMS/wu-ftpd-2.5.0-5.5.x.src.rpm
8f123558e25527043b87e8316845086e 5.2/alpha/wu-ftpd-2.5.0-5.5.x.alpha.rpm
6026b858d5396c09e2613d5f022889d4 5.2/i386/wu-ftpd-2.5.0-5.5.x.i386.rpm
81af3044041ffdb04d10acb210bb7f63 5.2/sparc/wu-ftpd-2.5.0-5.5.x.sparc.rpm
f73f420b55128a2228e8c6cf5692fc64 6.0/SRPMS/wu-ftpd-2.5.0-5.6.0.src.rpm
0d13ec35e8ad4bb6f44ba7489c7d8a84 6.0/alpha/wu-ftpd-2.5.0-5.6.0.alpha.rpm
cdac8067673e58ed64f3a96d5ba5b6f9 6.0/i386/wu-ftpd-2.5.0-5.6.0.i386.rpm
22cfce1de906e413fe5561fd36a35d2f 6.0/sparc/wu-ftpd-2.5.0-5.6.0.sparc.rpm
These packages are PGP signed by Red Hat Inc. for security. Our key
is available at:
http://www.redhat.com/corp/contact.html
You can verify each package with the following command:
rpm --checksig
If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:
rpm --checksig --nopgp
10. References: